Hacking: Outsider vs. Insider Threats
When it comes to hacking, your company faces threats from two directions: outside and inside. Sometimes, you can even expect these threats to act in tandem. And while it’s true that major news coverage of hacking tends to focus on hacks from outside threats—for example, the latest WannaCry hack—the more insidious threat for most companies is the proverbial inside job.
When it comes to major data breaches, espionage and money are the two big motivators.
What Is an Outsider Threat?
An outsider threat is anything originating from outside your organization. This could mean criminals looking for financial gain, hacktivists trying to make a point, white hat hackers looking for vulnerabilities, foreign governments testing their latest digital exploits, or even your competition engaged in corporate espionage.
What Is an Insider Threat?
An insider threat emanates from within your organization. This can include your vendors. For example, the major 2013 hack of Target, which saw 40 million credit and debit card numbers stolen, is thought to have began when an attacker compromised the credentials of a third party vendor supplying Target with heating, ventilation, and air conditioning services. Using those stolen credentials, the attackers caused so much damage that credit card companies had to spend $200 million just replacing cards. (For a much more thorough breakdown, see here).
Insider threats might be an employee being blackmailed by other organizations, an employee engaged in fraud, an employee selling information to the competition, or even an employee looking to get back at you out of spite.
What About SMBs?
And don’t for a second think that your small to medium sized business is immune to hacking. If your business takes payments from customers and has data linking names to credit cards, addresses, and phone numbers, you’re a worthwhile target. In fact, over 60% of all online attacks target small businesses. Big businesses have the money and wherewithal to build security. Small businesses often think they aren’t a target.
The outsider threats to SMBs are well documented. 40% of spear phishing attacks target businesses with fewer than 2,500 employees. And small businesses are particularly vulnerable to ransomware like WannaCry, largely because they lack the experience or resources to deal with the problem.
And you shouldn’t write off insider threats either. A recent study found that 64% of small businesses have suffered employee theft, many never getting restitution. 20 years ago, employee theft meant cash or materials. Now, it means data. Employee theft of data is on the rise, with employees taking things like source code, patent filings, customer data, and more.
What Should I Do?
The key takeaway from this post is that, when you’re creating your company’s IT security strategy and policies, it’s important to take into account both insider and outsider threats. Only when both threats are acknowledged can they be addressed.